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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
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Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1)^ Responsive to communication(s) filed on 02 November 2007 . 
2a)Q This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) KI Claim(s) 7-35 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 1-35 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. . 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
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Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . In view of the applicant arguments filed on 1 1/02/2007, PROSECUTION IS 
HEREBY REOPENED.A new art rejection has been applied as set forth below. 

To avoid abandonment of the application, appellant must exercise one of the 
following two options: 

(1) file a reply under 37 CFR 1.111 (if this Office action is non-final) or a reply 
under 37 CFR 1.113 (if this Office action is final); or, 

(2) initiate a new appeal by filing a notice of appeal under 37 CFR 41 .31 followed 
by an appeal brief under 37 CFR 41 .37. The previously paid notice of appeal fee and 
appeal brief fee can be applied to the new appeal. If, however, the appeal fees set forth 
in 37 CFR 41 .20 have been increased since they were previously paid, then appellant 
must pay the difference between the increased fees and the amount previously paid. 

A Supervisory Patent Examiner (SPE) has approved of reopening prosecution by 
signing below: 

2. Claims 1-35 are pending. 

Response to Arguments 

3. Applicant's arguments with respect to claims 1-35 have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 102 
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4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21 (2) 
of such treaty in the English language. 

5. Claims 1-8,13-31are rejected under 35 U.S.C. 102(e) as being anticipated by 
Grawrock et al (herein after referred to as Grawrock) US Patent NO 2002/0080974 B2. 

4. As per claim 1,13,24: Grawreock discloses a method/apparatus/a physical 
machine-readable medium comprising: receiving an ephemeral value from a 
challenging device (See 0029 and Fig 3 step 320(i.e., transmit ephemeral credential); 
retrieving data whose content is known to the challenging device (See 0017 and Fig 3 
step 320(i.e., identity credential to the requestor)); generating a digital signature of the 
data based on the ephemeral value (See 0028-0029,0034 and see Fig 3 steps 
310,31 5(i.e., produce ephemeral credential)); a cryptographic key having a value that is 
equal to the ephemeral value(See0033- 0034 and Fig 4 steps 410,420(i.e., ephemeral 
asymmetric public key matches EAPUK); and transmitting the digital signature to the 
device (See 0034 and Fig 3 step 320(i.e., transmit ephemeral credential). 
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5. As per claim 2,25: Grawreock discloses the method wherein receiving the 
ephemeral value from the challenging device comprises receiving a randomly generated 
number from the challenging device (See 0028,0030). 

6. As per claim 3,26: Grawreock discloses the method wherein retrieving the data 
comprises retrieving at least part of application code (See 0017). 

7. As per claim 4,27: Grawreock discloses the method wherein generating the 
digital signature of the data based on the ephemeral value comprises generating a one- 
way hash across the data with the cryptographic key having a value that is equal to the 
ephemeral value (See 0033-0034). 

8. As per claim 5,28: Grawreock discloses a method comprising: receiving, into a 
response device, an ephemeral value from a challenge device (See 0029 and Fig 3 step 
320); retrieving data from an address space in the response device, wherein the data is 
known to the challenge device and the response device (See 0017 and Fig 3 step 320); 
generating a hash across the data using the ephemeral value as a key of the hash (See 
0028-0029,0034 and Fig 5 steps 510,520); and transmitting at least part of the hash to 
the challenge device(See 0034 and Fig 5 steps 500,510). 

9. As per claim 6,29: Grawreock discloses the method further comprising 
generating a reduced hash based on the hash, wherein transmitting the ephemeral 
value and the at least part of the hash to the challenge device comprises transmitting 
the ephemeral value and the reduced hash to the challenge device (See 0033-0034 ). 
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10. As per claim 7,30: Grawreock discloses the method wherein retrieving the data 
from the address space in the response device comprises retrieving application code to 
be executed in the response device (See 0014,0017 ). 

11. As per claim 8,31 : Grawreock discloses the method wherein retrieving the data 
from the address space in the response device comprises retrieving configuration 
parameters of the response device (See Fig 3 step 320). 

12. As per claim 10: Grawreock disclose the method wherein authenticating the data 
having predictable content comprises authenticating an application executable (See 
0017,0021). 

1 3. As per claim 1 1 : Grawreock disclose the method wherein authenticating the data 
having predictable content comprises authenticating at least one security parameter 
(See Fig 3 step 320 ). 

14. As per claim 12: Grawreock disclose the method wherein authenticating further 
comprises marking the data as authenticated if the first digital signature equals the 
second digital signature (See Grawreok 0033-0034 and Fig 4 steps 410,420). 

15. As per claim 14: the combination of Johnson and Grawreock disclose the 
apparatus wherein the I/O logic is to receive the request for authentication from a 
challenge device, the I/O logic to transmit the cryptographic hash back to the challenge 
device (See Grawreock Fig 2 and 0033-0034). 

16. As per claim 15: the combination of Johnson and Grawreock disclose the 
apparatus wherein the storage medium is a nonvolatile memory (See 0021-0022,0024). 
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17. As per claim 16: the combination of Johnson and Imai disclose further comprising 
a data selection logic to select less than all of the data, wherein the at least part of the 
data is the less than all of the data (See 0024,0028). 

18. As per claim 17: the combination of Johnson disclose the apparatus wherein the 
data selection logic is to select less than all of the data based on a random number 
based selection of segments of the data (See 0028,0030-0031 ). 

19. As per claim 18: Grawreock the apparatus wherein the data comprises an 
application to be executed in the apparatus (See 0017,0021). 

20. As per claim 19: Grawreock discloses the apparatus wherein the data comprises 
at least one security parameter of the apparatus (See Fig 3 step 320). 

21 . As per claim 20: Grawreock discloses a challenge device to authenticate data 
presumably stored in a response device, the challenge device comprising: a storage 
medium to store a copy of the data presumed to be stored in the response device (See 
(See 0028,0030); a key generation logic to generate an ephemeral value (See 0025); 
an input/output (I/O) logic to output a request for authentication to a response device, 
wherein the request includes the ephemeral value, the I/O logic to receive a first digital 
signature from the response device in response to the request for authentication(See 
Fig 2 step 200 and 0029-0030); a signature logic to retrieve the copy of the data and the 
ephemeral value and to generate a second digital signature(See 0029-0030); and an 
authentication logic to compare the first digital signature to the second digital signature, 
wherein the data is authenticated if the first digital signature equals the second digital 
signature(See 0030 and Fig 5 steps 530,540). 
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22. As per claim 21 : Grawreock discloses the challenge device wherein the 
ephemeral value comprises a randomly generated value (See 0028,0030 ). 

23. As per claim 22: Grawreock discloses the challenge device wherein the data 
comprises application code to be executed by the response device (See 0014, 0017). 

24. As per claim 23: Grawreock discloses the challenge device wherein the data 
comprises at least one configuration parameter of the remote device (See Fig 3 steps 
320). 

Claim Rejections - 35 USC § 103 

25. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

26. Claims 9-12,32-35 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Johnson, P. K.,et al(hereinafter referred as Johnson) (W0 00/18162) in view of 
Grawrock et al (herein after referred to as Grawrock) US Patent NO 2002/0080974 B2 . 

27. As per claim 9,32: Johnson discloses a method comprising: authenticating data 
having predictable content and stored in an address space of a remote device, the 
authenticating comprising: generating a random number (See col 10 lines 20-33 ); 
transmitting the random number to a remote device presumably having the data (See 
col 6 lines 17-24 and Figs 2,3); receiving, from the remote device, a first digital 
signature that is representative of the data (See col 6 lines 25-33 and abstract ); 
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Johnson does not explicitly teach generating a second digital signature with a 

cryptographic key having a value that is equal to based on the random number; and 
comparing the first digital signature to the second digital signature. 

However Grawrock teaches generating a second digital signature with a 
cryptographic key having a value that is equal to based on the random number(See 
0028-0029,0034 and see Fig 3 steps 310,315) and comparing the first digital signature 
to the second digital signature(See 0033-0034& Fig 5 steps 530,540). 

Therefore it would have been obvious to one having ordinary skill in the art at 
that time the invention was made to modify the teaching method of Johnson with in 
inorder to enhancing the security of the system. 

28. As per claim 10,33: the combination of Johnson and Grawreock disclose the 
method wherein authenticating the data having predictable content comprises 
authenticating an application executable (See Johnson col 7 lines 1-3). 

29. As per claim 1 1 ,34: the combination of Johnson and Grawreock disclose the 
method wherein authenticating the data having predictable content comprises 
authenticating at least one security parameter (See Johnson col 7 lines 1-3). 

30. As per claim 12,35: the combination of Johnson and Grawreock disclose the 
method wherein authenticating further comprises marking the data as authenticated if 
the first digital signature equals the second digital signature (See Grawreok 0033-0034). 

Conclusion 
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26. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. See PTO 892. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Fikremariam Yalew whose telephone number is 
5712723852. The examiner can normally be reached on 9-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Moazzami Nasser.can be reached on 5712738300. The fax phone number 
for the organization where this application or proceeding is assigned is 571-272-4195. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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